015 package com.liferay.portal.security.ntlm;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.security.ntlm.msrpc.NetlogonAuthenticator;
020 import com.liferay.portal.security.ntlm.msrpc.NetlogonIdentityInfo;
021 import com.liferay.portal.security.ntlm.msrpc.NetlogonNetworkInfo;
022 import com.liferay.portal.security.ntlm.msrpc.NetlogonValidationSamInfo;
023 import com.liferay.portal.security.ntlm.msrpc.NetrLogonSamLogon;
024
025 import java.io.IOException;
026
027 import java.security.NoSuchAlgorithmException;
028 import java.security.SecureRandom;
029
030 import jcifs.dcerpc.DcerpcBinding;
031 import jcifs.dcerpc.DcerpcHandle;
032 import jcifs.dcerpc.UnicodeString;
033
034 import jcifs.smb.SmbException;
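/**
 * Validates NTLM challenge/response credentials by passing them to a domain
 * controller over a Netlogon connection.
 *
 * <p>
 * The responses are not checked locally. {@link #logon} forwards the server
 * challenge and the client's NT/LM responses in a {@code NetrLogonSamLogon}
 * call and accepts the logon only when that call reports status {@code 0}.
 * How the connection to the domain controller is authenticated and protected
 * is decided inside {@code NetlogonConnection.connect}, which is not part of
 * this class.
 * </p>
 *
 * <p>
 * The domain controller and service account are plain instance fields set by
 * {@link #setConfiguration}; no synchronization is applied to them here.
 * </p>
 */
public class Netlogon {

	/**
	 * Authenticates a user against the configured domain controller.
	 *
	 * <p>
	 * On success the returned account carries the effective name reported by
	 * the domain controller, not the caller-supplied {@code userName}.
	 * Callers should take the identity from the returned account.
	 * </p>
	 *
	 * <p>
	 * This method does not check that {@code serverChallenge} is the
	 * challenge that was issued for the current handshake; that binding is
	 * the caller's responsibility. The challenge and responses are never
	 * logged here.
	 * </p>
	 *
	 * @param  domain the domain name supplied by the client
	 * @param  userName the user name supplied by the client
	 * @param  workstation the workstation name supplied by the client
	 * @param  serverChallenge the challenge the responses were computed over
	 * @param  ntResponse the client's NT response
	 * @param  lmResponse the client's LM response
	 * @return the account named by the domain controller's validation info
	 * @throws NtlmLogonException if no service account is configured, the
	 *         domain controller returns a nonzero status, or the exchange
	 *         fails with an I/O or algorithm error
	 */
	public NtlmUserAccount logon(
			String domain, String userName, String workstation,
			byte[] serverChallenge, byte[] ntResponse, byte[] lmResponse)
		throws NtlmLogonException {

		// Fail closed with the declared exception type instead of a
		// NullPointerException when setConfiguration was never called.
		NtlmServiceAccount ntlmServiceAccount = _ntlmServiceAccount;

		if (ntlmServiceAccount == null) {
			throw new NtlmLogonException(
				"Unable to authenticate user: Netlogon is not configured");
		}

		NetlogonConnection netlogonConnection = new NetlogonConnection();

		try {
			netlogonConnection.connect(
				_domainController, _domainControllerName, ntlmServiceAccount,
				_secureRandom);

			NetlogonAuthenticator netlogonAuthenticator =
				netlogonConnection.computeNetlogonAuthenticator();

			// NOTE(review): 0x00000820 is presumably the MS-NRPC
			// ParameterControl value 0x800 | 0x20 (allow workstation and
			// server trust accounts) -- confirm against the
			// NetlogonIdentityInfo constructor.
			NetlogonIdentityInfo netlogonIdentityInfo =
				new NetlogonIdentityInfo(
					domain, 0x00000820, 0, 0, userName, workstation);

			NetlogonNetworkInfo netlogonNetworkInfo = new NetlogonNetworkInfo(
				netlogonIdentityInfo, serverChallenge, ntResponse, lmResponse);

			// NOTE(review): the two literal 2s look like the logon level
			// (network logon) and the validation level (SAM info) --
			// confirm against the NetrLogonSamLogon constructor.
			NetrLogonSamLogon netrLogonSamLogon = new NetrLogonSamLogon(
				_domainControllerName, ntlmServiceAccount.getComputerName(),
				netlogonAuthenticator, new NetlogonAuthenticator(), 2,
				netlogonNetworkInfo, 2, new NetlogonValidationSamInfo(), 0);

			DcerpcHandle dcerpcHandle = netlogonConnection.getDcerpcHandle();

			dcerpcHandle.sendrecv(netrLogonSamLogon);

			int status = netrLogonSamLogon.getStatus();

			if (status != 0) {

				// SmbException is used to turn the status code into text.
				// It is kept as the cause so the original code is not lost.
				// The message may say why the logon was refused, so it is
				// better logged than returned to the remote client.
				SmbException smbe = new SmbException(status, false);

				throw new NtlmLogonException(
					"Unable to authenticate user: " + smbe.getMessage(), smbe);
			}

			NetlogonValidationSamInfo netlogonValidationSamInfo =
				netrLogonSamLogon.getNetlogonValidationSamInfo();

			UnicodeString name = new UnicodeString(
				netlogonValidationSamInfo.getEffectiveName(), false);

			return new NtlmUserAccount(name.toString());
		}
		catch (NoSuchAlgorithmException nsae) {
			throw new NtlmLogonException(
				"Unable to authenticate due to invalid encryption algorithm",
				nsae);
		}
		catch (IOException ioe) {
			throw new NtlmLogonException(
				"Unable to authenticate due to communication failure with " +
					"server",
				ioe);
		}
		finally {

			// Always release the connection. A failure here is logged and
			// must not replace the authentication result or exception.
			try {
				netlogonConnection.disconnect();
			}
			catch (Exception e) {
				_log.error("Unable to disconnect Netlogon connection", e);
			}
		}
	}

	/**
	 * Sets the domain controller and service account used by {@link #logon}.
	 *
	 * @param domainController the first value passed to
	 *        {@code NetlogonConnection.connect}
	 * @param domainControllerName the name passed to {@code connect} and to
	 *        the {@code NetrLogonSamLogon} request
	 * @param ntlmServiceAccount the service account passed to {@code connect};
	 *        its computer name is sent in the logon request
	 */
	public void setConfiguration(
		String domainController, String domainControllerName,
		NtlmServiceAccount ntlmServiceAccount) {

		_domainController = domainController;
		_domainControllerName = domainControllerName;
		_ntlmServiceAccount = ntlmServiceAccount;
	}

	private static final Log _log = LogFactoryUtil.getLog(Netlogon.class);

	private String _domainController;
	private String _domainControllerName;
	private NtlmServiceAccount _ntlmServiceAccount;

	// Handed to NetlogonConnection.connect. SecureRandom is used so values
	// drawn from it are not predictable.
	private final SecureRandom _secureRandom = new SecureRandom();

	static {

		// Registers the Netlogon RPC interface (UUID and version 1.0) with
		// jcifs under the endpoint name "netlogon".
		DcerpcBinding.addInterface(
			"netlogon", "12345678-1234-abcd-ef00-01234567cffb:1.0");
	}

}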